ComboFix 09-04-13.A2 - monika 2009-04-13 19:05.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1250.1.1045.18.1919.1030 [GMT 2:00]
Uruchomiony z: c:\users\monika\Downloads\ComboFix.exe
* Utworzono nowy punkt przywracania
.
((((((((((((((((((((((((((((((((((((((( Usunięto )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\program files\FunWebProducts
c:\program files\MyWebSearch
c:\program files\MyWebSearch\bar\4.bin\F3BKGERR.JPG
c:\program files\MyWebSearch\bar\4.bin\F3HTTPCT.DLL
c:\program files\MyWebSearch\bar\4.bin\F3REPROX.DLL
c:\program files\MyWebSearch\bar\4.bin\F3SPACER.WMV
c:\program files\MyWebSearch\bar\4.bin\F3WALLPP.DAT
c:\program files\MyWebSearch\bar\4.bin\FWPBUDDY.PNG
c:\program files\MyWebSearch\bar\4.bin\M3FFXTBR.JAR
c:\program files\MyWebSearch\bar\4.bin\M3FFXTBR.MANIFEST
c:\program files\MyWebSearch\bar\4.bin\M3NTSTBR.JAR
c:\program files\MyWebSearch\bar\4.bin\M3NTSTBR.MANIFEST
c:\program files\MyWebSearch\bar\Avatar\COMMON.F3S
c:\program files\MyWebSearch\bar\Game\CHECKERS.F3S
c:\program files\MyWebSearch\bar\Game\CHESS.F3S
c:\program files\MyWebSearch\bar\Game\REVERSI.F3S
c:\program files\MyWebSearch\bar\icons\CM.ICO
c:\program files\MyWebSearch\bar\icons\MFC.ICO
c:\program files\MyWebSearch\bar\icons\PSS.ICO
c:\program files\MyWebSearch\bar\icons\SMILEY.ICO
c:\program files\MyWebSearch\bar\icons\WB.ICO
c:\program files\MyWebSearch\bar\icons\ZWINKY.ICO
c:\program files\MyWebSearch\bar\Message\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\COMMON.F3S
c:\program files\MyWebSearch\bar\Notifier\DOG.F3S
c:\program files\MyWebSearch\bar\Notifier\FISH.F3S
c:\program files\MyWebSearch\bar\Notifier\KUNGFU.F3S
c:\program files\MyWebSearch\bar\Notifier\LIFEGARD.F3S
c:\program files\MyWebSearch\bar\Notifier\MAID.F3S
c:\program files\MyWebSearch\bar\Notifier\MAILBOX.F3S
c:\program files\MyWebSearch\bar\Notifier\OPERA.F3S
c:\program files\MyWebSearch\bar\Notifier\ROBOT.F3S
c:\program files\MyWebSearch\bar\Notifier\SEDUCT.F3S
c:\program files\MyWebSearch\bar\Settings\s_pid.dat
c:\windows\system32\drivers\ovfsthbermoxpsjpnietqdcepipwqohtgtyxpc.sys
c:\windows\system32\ovfsthiekvubdsexkwgkubfhnysfcctwoqlnei.dat
c:\windows\system32\ovfsthpvhlkwswsavfnxkhklykbvdqwxcoeyax.dat
.
((((((((((((((((((((((((((((((((((((((( Sterowniki/Usługi )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\Service_MyWebSearchService
((((((((((((((((((((((((( Pliki utworzone od 2009-03-13 do 2009-04-13 )))))))))))))))))))))))))))))))
.
2009-04-13 07:24 . 2009-02-13 09:31 55640 ----a-w c:\windows\system32\drivers\avgntflt.sys
2009-04-13 07:24 . 2009-04-13 07:24 -------- d-----w c:\users\All Users\Avira
2009-04-13 07:24 . 2009-04-13 07:24 -------- d-----w c:\programdata\Avira
2009-04-12 07:28 . 2009-04-13 17:12 -------- d-----w c:\users\monika\AppData\Roaming\Auto-Backup
2009-04-07 07:50 . 2008-02-23 04:38 170496 ----a-w c:\windows\system32\tcpipcfg.dll
2009-04-07 07:50 . 2008-02-23 02:41 22528 ----a-w c:\windows\system32\netiougc.exe
2009-04-06 22:06 . 2009-04-06 22:06 -------- d-----w c:\users\All Users\CheckPoint
2009-04-06 22:06 . 2009-04-06 22:06 -------- d-----w c:\programdata\CheckPoint
2009-04-06 22:04 . 2009-04-13 17:11 -------- d-----w c:\windows\Internet Logs
2009-04-05 10:11 . 2003-03-18 19:20 1060864 ----a-w c:\windows\system32\MFC71.dll
2009-04-05 08:32 . 2009-04-05 10:00 -------- d-----w c:\users\All Users\Symantec
2009-04-05 08:32 . 2009-04-05 10:00 -------- d-----w c:\programdata\Symantec
2009-04-04 12:26 . 2009-04-04 12:26 -------- d-----r c:\users\monika\Videos
2009-04-01 09:16 . 2009-04-01 09:16 -------- d-----w C:\CLT
2009-03-30 09:06 . 2009-03-30 09:06 118 ----a-w c:\windows\system32\MRT.INI
2009-03-28 12:03 . 2009-03-28 12:03 108336 ----a-w c:\windows\system32\mswinsck.ocx
2009-03-28 10:52 . 2009-03-28 13:00 -------- d-----w C:\00000082
2009-03-27 19:45 . 2009-03-27 19:45 -------- d-----w c:\windows\system32\IOSUBSYS
2009-03-27 11:40 . 2009-03-27 11:40 -------- d-----r c:\users\Public\Videos
2009-03-27 08:17 . 2009-03-27 23:14 -------- d-----w c:\users\monika\AppData\Roaming\CamTrack
2009-03-27 08:14 . 2007-02-28 12:00 108752 ----a-w c:\windows\system32\drivers\dptrackerd.sys
2009-03-27 07:54 . 2009-03-27 07:55 -------- d-----w c:\users\monika\AppData\Roaming\Webcammax
2009-03-15 10:01 . 2009-03-15 10:01 2 ----a-w C:\-1403702282
.
(((((((((((((((((((((((((((((((((((((((( Sekcja Find3M ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-04-13 17:11 . 2009-04-08 11:00 350192 ---ha-w c:\windows\system32\drivers\vsconfig.xml
2009-04-13 17:10 . 2008-10-22 21:09 65536 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
2009-04-13 17:10 . 2008-10-22 21:09 32768 --sha-w c:\windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
2009-04-13 17:10 . 2008-10-22 21:09 32768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
2009-04-13 17:10 . 2009-04-13 17:10 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
2009-04-13 17:10 . 2009-04-13 17:10 2048 --sha-w c:\windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
2009-04-13 16:45 . 2008-11-21 16:34 -------- d-----w c:\users\monika\AppData\Roaming\Skype
2009-04-13 16:43 . 2008-11-21 16:45 -------- d-----w c:\users\monika\AppData\Roaming\skypePM
2009-04-13 10:53 . 2009-04-13 07:40 32768 --sha-w c:\windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\MSHist012009041320090414\index.dat
2009-04-13 08:56 . 2008-10-26 20:28 -------- d-----w c:\users\monika\AppData\Roaming\uTorrent
2009-04-13 07:24 . 2009-04-13 07:24 -------- d-----w c:\program files\Avira
2009-04-12 07:28 . 2009-04-12 07:28 -------- d-----w c:\program files\Auto-Backup
2009-04-08 11:02 . 2009-04-07 07:50 -------- d-----w c:\program files\AskBarDis
2009-04-08 11:01 . 2006-11-02 10:25 51200 ----a-w c:\windows\Inf\infpub.dat
2009-04-08 11:01 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstrng.dat
2009-04-08 11:01 . 2006-11-02 10:25 86016 ----a-w c:\windows\Inf\infstor.dat
2009-04-07 07:49 . 2009-04-07 07:49 -------- d-----w c:\program files\Zone Labs
2009-04-05 10:15 . 2009-01-09 10:56 -------- d-----w c:\programdata\Norton
2009-04-05 10:11 . 2009-04-05 10:11 -------- d-----w c:\program files\Alwil Software
2009-04-05 10:00 . 2008-07-21 08:51 -------- d-----w c:\program files\Common Files\Symantec Shared
2009-04-05 09:26 . 2009-01-09 10:56 -------- d-----w c:\programdata\NortonInstaller
2009-04-01 22:08 . 2009-04-01 22:08 -------- d-----w c:\program files\Norton Internet Security(4)
2009-04-01 22:07 . 2009-04-01 22:07 -------- d-----w c:\program files\NortonInstaller(5)
2009-03-27 19:45 . 2008-07-21 08:44 -------- d-----w c:\program files\Google
2009-03-26 23:20 . 2009-02-27 09:52 -------- d-----r c:\program files\Skype
2009-03-25 10:23 . 2008-11-12 10:55 -------- d-----w c:\program files\Java
2009-03-12 09:15 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail
2009-03-11 20:00 . 2008-11-22 16:50 -------- d-----w c:\users\monika\AppData\Roaming\VoipDiscount
2009-03-09 04:19 . 2008-11-12 10:55 410984 ----a-w c:\windows\System32\deploytk.dll
2009-03-08 13:05 . 2009-01-18 19:39 -------- d---a-w c:\programdata\TEMP
2009-03-07 20:40 . 2008-12-27 17:05 -------- d-----w c:\program files\INTERIAPL
2009-02-27 09:52 . 2008-11-21 12:10 -------- d-----w c:\programdata\Skype
2009-02-27 09:52 . 2009-02-27 09:52 -------- d-----w c:\program files\Common Files\Skype
2009-02-15 22:11 . 2009-04-08 11:00 293528 ----a-w c:\windows\system32\drivers\vsdatant.sys
2009-02-15 22:10 . 2009-04-08 11:01 1221512 ----a-w c:\windows\System32\zpeng25.dll
2009-02-09 03:10 . 2009-03-12 08:10 2033152 ----a-w c:\windows\System32\win32k.sys
2009-01-15 06:11 . 2009-03-07 12:17 827392 ----a-w c:\windows\System32\wininet.dll
2008-11-21 16:45 . 2008-11-21 16:45 56 ---ha-w c:\users\All Users\ezsidmv.dat
2008-11-21 16:45 . 2008-11-21 16:45 56 ---ha-w c:\programdata\ezsidmv.dat
2008-10-30 10:08 . 2008-10-22 22:17 49824 ----a-w c:\users\monika\AppData\Local\GDIPFONTCACHEV1.DAT
2008-01-21 02:43 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini
2008-06-30 12:2008-07-21 08:58 44:08 . c:\program files\mozilla firefox\components\coFFPlgn.dll
2008-07-21 08:2008-07-21 08:45 45:34 . c:\program files\mozilla firefox\components\GoogleDesktopMozilla.dll
.
((((((((((((((((((((((((((((((((((((( Wpisy startowe rejestru ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Uwaga* puste wpisy oraz domyślne, prawidłowe wpisy nie są pokazane
REGEDIT4
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
2008-10-16 18:22 333192 --a------ c:\program files\AskBarDis\bar\bin\askBar1.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
“{3041d03e-fd4b-44e0-b742-2d9b88305f98}”= “c:\program files\AskBarDis\bar\bin\askBar1.dll” [2008-10-16 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
“{3041D03E-FD4B-44E0-B742-2D9B88305F98}”= “c:\program files\AskBarDis\bar\bin\askBar1.dll” [2008-10-16 333192]
[HKEY_CLASSES_ROOT\clsid\{3041d03e-fd4b-44e0-b742-2d9b88305f98}]
[HKEY_CLASSES_ROOT\TypeLib\{4b1c1e16-6b34-430e-b074-5928eca4c150}]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SmpcSys”=“c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe” [2008-02-04 1038136]
“ehTray.exe”=“c:\windows\ehome\ehTray.exe” [2008-01-21 125952]
“IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}”=“c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe” [2008-01-14 1688872]
“VoipDiscount”=“c:\program files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe” [2008-12-01 9073976]
“Nowe Gadu-Gadu”=“c:\program files\Nowe Gadu-Gadu\gg.exe” [2009-02-27 9339496]
“Skype”=“c:\program files\Skype\Phone\Skype.exe” [2009-03-27 24103720]
“WMPNSCFG”=“c:\program files\Windows Media Player\WMPNSCFG.exe” [2008-01-21 202240]
“Auto-Backup”=“c:\program files\Auto-Backup\Auto-Backup.exe” [2009-02-24 1384448]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
“SynTPEnh”=“c:\program files\Synaptics\SynTP\SynTPEnh.exe” [2007-03-01 857648]
“Google Desktop Search”=“c:\program files\Google\Google Desktop Search\GoogleDesktop.exe” [2008-07-21 29744]
“toolbar_eula_launcher”=“c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe” [2007-02-20 28672]
“MobileConnect”=“c:\program files\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe” [2008-07-04 2072576]
“Adobe Reader Speed Launcher”=“c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe” [2008-10-15 39792]
“SunJavaUpdateSched”=“c:\program files\Java\jre6\bin\jusched.exe” [2009-03-09 148888]
“ZoneAlarm Client”=“c:\program files\Zone Labs\ZoneAlarm\zlclient.exe” [2009-02-16 981384]
“avgnt”=“c:\program files\Avira\AntiVir Desktop\avgnt.exe” [2009-03-02 209153]
“RtHDVCpl”=“RtHDVCpl.exe” [2007-10-09 c:\windows\RtHDVCpl.exe]
“Skytel”=“Skytel.exe” [2007-08-03 c:\windows\SkyTel.exe]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
“EnableUIADesktopToggle”= 0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
“AppInit_DLLs”=c:\progra~1\Google\GOOGLE~3\GOEC62~1.DLL
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
“UacDisableNotify”=dword:00000001
“InternetSettingsDisableNotify”=dword:00000001
“AutoUpdateDisableNotify”=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
“DisableMonitoring”=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
“DisableMonitoring”=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
“DisableMonitoring”=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
“DisableMonitoring”=dword:00000001
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
“EnableFirewall”= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
“{CF056C8D-D8B9-484B-A4B0-BCDE02D393F4}”= Disabled:UDP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
“{0E7CD62C-5401-4B66-819D-4CAA2F6B6B01}”= Disabled:TCP:c:\program files\Adobe\Photoshop Elements 6.0\AdobePhotoshopElementsMediaServer.exe:Adobe Photoshop Elements Media Server
“{40810008-79EF-4C3B-8FAF-3513C2745C36}”= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
“{756E7DF0-7D44-4931-A5CC-58244DFF7804}”= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
“{354BE2A3-75E7-46A4-A7E8-08C55785FDC5}”= c:\program files\Skype\Phone\Skype.exe:Skype
“{7A00BF2A-3405-4D03-A1D5-9906FAF8C761}”= UDP:c:\program files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:VoipDiscount
“{0854B72C-2D30-4107-BE3B-CC977B09DF58}”= TCP:c:\program files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe:VoipDiscount
“TCP Query User{D383D5D1-E519-4907-815B-167535631FCD}c:\program files\utorrent\utorrent.exe”= UDP:c:\program files\utorrent\utorrent.exe:µTorrent
“UDP Query User{F5CD9249-68BF-4ED8-9C73-2D72337CC53C}c:\program files\utorrent\utorrent.exe”= TCP:c:\program files\utorrent\utorrent.exe:µTorrent
“{9D6F5B79-0917-4FCB-828C-AD318AFBA664}”= UDP:c:\users\monika\AppData\Local\Temp\WZSE1.TMP\SymNRT.exe:Norton Removal Tool
“{46AB2D74-ADA9-443B-BFB5-4D48C69A6E5B}”= TCP:c:\users\monika\AppData\Local\Temp\WZSE1.TMP\SymNRT.exe:Norton Removal Tool
“{F720BC58-D312-4F60-995E-23EA47B1A885}”= Disabled:UDP:c:\users\monika\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
“{3F0686AA-44AD-4D7C-873E-484AC124A171}”= Disabled:TCP:c:\users\monika\AppData\Local\Temp\WZSE0.TMP\SymNRT.exe:Norton Removal Tool
“{00F12E65-4A79-4845-B18F-05401185639D}”= Disabled:UDP:c:\users\monika\AppData\Local\Temp\7zS6A56.tmp\SymNRT.exe:Norton Removal Tool
“{7075BEE1-5B9C-4B91-812F-C9B4EA8EAE0E}”= Disabled:TCP:c:\users\monika\AppData\Local\Temp\7zS6A56.tmp\SymNRT.exe:Norton Removal Tool
“{76CCD437-9DA1-4DDC-968C-77128AD2B9C5}”= Disabled:UDP:c:\users\monika\AppData\Local\Temp\7zS453A.tmp\SymNRT.exe:Norton Removal Tool
“{89AD6C5A-BA75-4744-985C-D06F80FBA5C7}”= Disabled:TCP:c:\users\monika\AppData\Local\Temp\7zS453A.tmp\SymNRT.exe:Norton Removal Tool
“{71C24431-CC7F-4842-9C20-E2AFFD1B9B1B}”= Disabled:UDP:c:\users\monika\AppData\Local\Temp\7zS12A5.tmp\SymNRT.exe:Norton Removal Tool
“{5ECE5468-3690-4CDF-AE1E-99190920AA8A}”= Disabled:TCP:c:\users\monika\AppData\Local\Temp\7zS12A5.tmp\SymNRT.exe:Norton Removal Tool
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
“EnableFirewall”= 0 (0x0)
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
“EnableFirewall”= 0 (0x0)
R2 .norton2009Reset;Norton2009 Reset;c:\programdata\Norton\Norton2009Reset.exe [2009-03-28 281625]
S2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6;c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2009-03-05 108289]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [2008-07-04 14336]
S3 SiS6350;SiS6350;c:\windows\system32\DRIVERS\SISGRKMD.sys [2008-09-24 460288]
S3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSGB6.sys [2008-09-09 48128]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
\shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{044bd3cb-da39-11dd-a69d-00221562ce0d}]
\shell\AutoRun\command - E:\setupSNK.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{51ea1038-a75a-11dd-954a-00221562ce0d}]
\shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7d999346-c128-11dd-a663-00221562ce0d}]
\shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8d39abbf-a761-11dd-aedb-806e6f6e6963}]
\shell\AutoRun\command - E:\setup_vmc_lite.exe /checkApplicationPresence
.
Zawartość folderu ‘Zaplanowane zadania’
2009-03-16 c:\windows\Tasks\Norton Internet Security - Run Full System Scan - monika.job
- c:\program files\Norton Internet Security\Norton AntiVirus\Navw32.exe []
.
-
-
-
- USUNIĘTO PUSTE WPISY - - - -
-
-
HKLM-Run-WinampAgent - c:\program files\Winamp\winampa.exe
.
------- Skan uzupełniający -------
.
uStart Page = hxxp://go.packardbell.com/?id=9525
FF - ProfilePath - c:\users\monika\AppData\Roaming\Mozilla\Firefox\Profiles\gs00l5oa.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox?client=fi … l:official
FF - component: c:\program files\Mozilla Firefox\components\GoogleDesktopMozilla.dll
FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
.
**************************************************************************
catchme 0.3.1375 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-04-13 19:13
Windows 6.0.6001 Service Pack 1 NTFS
skanowanie ukrytych procesów …
skanowanie ukrytych wpisów autostartu …
skanowanie ukrytych plików …
skanowanie pomyślnie ukończone
ukryte pliki: 0
**************************************************************************
.
------------------------ Pozostałe uruchomione procesy ------------------------
.
c:\windows\System32\audiodg.exe
c:\windows\System32\ZoneLabs\vsmon.exe
c:\program files\ATK Hotkey\ASLDRSrv.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
c:\windows\System32\IoctlSvc.exe
c:\program files\ATK Hotkey\HControl.exe
c:\windows\System32\WUDFHost.exe
c:\program files\ATK Hotkey\ATKOSD.exe
c:\program files\ATK Hotkey\WDC.exe
c:\windows\System32\conime.exe
c:\windows\ehome\ehmsas.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
c:\program files\Nowe Gadu-Gadu\spellchecker_gg.exe
c:\program files\Skype\Plugin Manager\skypePM.exe
c:\windows\System32\wbem\WMIADAP.exe
.
**************************************************************************
.
Czas ukończenia: 2009-04-13 19:16 - komputer został uruchomiony ponownie
ComboFix-quarantined-files.txt 2009-04-13 17:16
Przed: 24 368 304 128 bajtów wolnych
Po: 27,579,314,176 bajtów wolnych
267 --- E O F --- 2009-04-03 18:27